Searching Kubernetes Logs Without A Logging Platform
Searching through pod logs on Kubernetes can be more challenging without a centralized logging platform like Datadog or Splunk.
Here’s how you can do it with kubectl
and grep
.
You can use kubectl
to get logs for multiple containers by using their label:
kubectl logs -n kube-system -l k8s-app=kube-dns
To search the logs, just pipe it to grep
:
kubectl logs -n kube-system -l k8s-app=kube-dns | grep -i "error"
If you would like to get a live tail and follow the logs, you can use the -f
flag:
kubectl logs -f -n kube-system -l k8s-app=kube-dns
Then, you can pipe it into grep with --line-buffered
for continuous output:
kubectl logs -f -n kube-system -l k8s-app=kube-dns | grep --line-buffered -i "error"
Note that there’s a default limit of 5 containers when using the follow flag -f
.
You can get around this by setting --max-log-requests=<n>
, where n
is the number of containers you’d like to follow logs for.
Join the 80/20 DevOps Newsletter
If you're an engineering leader or developer, you should subscribe to my 80/20 DevOps Newsletter. Give me 1 minute of your day, and I'll teach you essential DevOps skills. I cover topics like Kubernetes, AWS, Infrastructure as Code, and more.
Not sure yet? Check out the archive.
Unsubscribe at any time.